
United States Patent and Trademark Office 



A 



UNITED STATES DEPARTMENT OF COMMERCE 
United States Patent and Trademark Office 
Address: COMMISSIONER FOR PATENTS 
P.O. Box 1450 

Alexandria, Virginia 22313-1450 
www.usptO.gov 



APPLICATION NO. 



FILING DATE 



FIRST NAMED INVENTOR 



ATTORNEY DOCKET NO. 



CONFIRMATION NO. 



10/055,572 



10/19/2001 



Tom L. Nguyen 



8791 7590 12/13/2005 

BLAKELY SOKOLOFF TAYLOR & ZAFMAN 

12400 WILSHIRE BOULEVARD 

SEVENTH FLOOR 

LOS ANGELES, CA 90025-1030 



42390P 12549 



6116 



ART UNIT 



BERGER, AUBREY H 

1 



PAPER NUMBER 



2134 



DATE MAILED: 12/13/2005 



Please find below and/or attached an Office communication concerning this application or proceeding. 



PTO-90C (Rev. 10/03) 



Office Action Summary 


Application No. 

10/055,572 


Applicant(s) 

NGUYEN ETAL 


Examiner 

Aubrey H. Berger 


Art Unit 

2134 





- The MAILING DATE of this communication appears on the cover sheet with the correspondence address — 
Period for Reply 



A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) OR THIRTY (30) DAYS, 
WHICHEVER IS LONGER, FROM THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1.136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1 )K Responsive to communication(s) filed on 19 September 2005 . 
2a)D This action is FINAL 2b)M This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 

Disposition of Claims 

4) E3 Claim(s) 1-23 and 25-30 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) E] Claim(s) 1-23 and 25-30 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10) D The drawing(s) filed on is/are: a)D accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 

1 1) D The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

12) D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f). 
a)D All b)D Some * c)Q None of: 

1. D Certified copies of the priority documents have been received. 

2. D Certified copies of the priority documents have been received in Application No. . 

3. D Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 



Attachment(s) 

1) [3 Notice of References Cited (PTO-892) 4) □ Interview Summary (PTO-413) 

2) □ Notice of Draftsperson's Patent Drawing Review (PTO-948) Paper No(s)/Mail Date. . 

3) □ Information Disclosure Statement(s) (PTO-1449 or PTO/SB/08) 5) □ Notice of Informal Patent Application (PTO-1 52) 

Paper No(s)/Mail Date . 6) D Other: . 



U.S. Patent and Trademark Office 
PTOL-326 (Rev. 7-05) 



Office Action Summary 



Part of Paper No./Mail Date 1 1 032005 



Application/Control Number: 10/055,572 
Art Unit: 2134 



Page 2 



DETAILED ACTION 



1. 



The response of 09/19/2005 was received and considered. 



2. 



Claims 1-23 and 25-30 are pending. 



Response to Arguments 



3. Applicant's response (page 9) amends the abstract to overcome the 
objection. 

4. Applicant's response (page 9) amends the claims to overcome the §1 12 
1J1 set forth in thfe previous Office Action and therefore those rejections are 
withdrawn. 

5. Applicant's arguments, see pages 9-12, filed 09/19/05, with respect to the 
rejection(s) of claim(s) 1-30 under 102(b) have been fully considered and are 
persuasive. Therefore, the rejection has been withdrawn. However, upon further 
consideration, a new ground(s) of rejection is made in view of Leavitt in further 
view of Gunderson, Huh and Chou. 

6. Applicant's arguments are persuasive because the system of Gafken does 
not ascertain the validity of data stored in the non-volatile storage device and if 
invalid to replace the data with an earlier stored valid image of the data. 



7. The following is a quotation of the appropriate paragraphs of 35 
U.S.C. 102 that form the basis for the rejections under this section made in this 
Office action: 



Claim Rejections - 35 USC § 102 
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A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in 
public use or on sale in this country, more than one year prior to the date of application for patent in 
the United States. 

8. Claims 1-5, 7-8, 10-12, 15-22 and 26-28 are rejected under 35 

U.S.C. 102(b) as being anticipated by U.S. Patent Number 5,918,047 to Leavitt 
et al., (Leavitt). 

9. Regarding claim 1 , Leavitt discloses a system comprising: 

a non-volatile data storage device/flash memory (fig. 1, #20), configured 
as one or more storage regions to store one or more bytes of data (fig. 2, #20); 

a program store/shadow RAM (fig. 1, #18), communicatively coupled to 
the non-volatile data storage device/flash memory, the program store/shadow 
RAM, to store one or more processor-readable instructions to ascertain the 
validity of the data stored in the non-volatile storage device/flash memory, (fig. 2, 
#114), and if invalid to replace the data with an earlier stored valid image of the 
data (fig. 3, #116-118); and 

a processing unit/CPU (fig. 1, #16), coupled to the nonvolatile data 
storage device/flash memory, and program store/shadow RAM, to read and 
process the one or more instructions in the program store/shadow RAM, (col. 3, 
lines 1-5). 

10. Regarding claim 2, Leavitt discloses the system of claim 1 wherein the 
processing unit/CPU, is configured to process the instructions in the program 
store/shadow RAM, as part of a start-up procedure (col. 3, lines 1-5). 
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1 1 . Regarding claim 3, Leavitt discloses the system of claim 1 wherein the 
data stored in the non-volatile data storage device/flash memory, is a Basic Input 
Output System (BIOS) (col. 3, lines 40-45). 

12. Regarding claim 4, Leavitt discloses the system of claim 1 wherein the 
processor-readable instructions in the program store/shadow RAM, ascertain the 
validity of the data stored in the non-volatile storage device/flash memory, on a 
region by region basis (col. 5, lines 2-5). 

13. Regarding claim 5, Leavitt discloses the system of claim 1 wherein the 
earlier stored valid image of the data is stored in a location that cannot be 
modified without system authorization (fig. 3, #1 14-118). 

14. Regarding claim 7, Leavitt discloses the system of claim 1 wherein 
ascertaining the validity of the data stored in the non-volatile storage device/flash 
memory, includes determining if the current data in the non-volatile storage 
device/flash memory, is different than the earlier stored valid image of the data 
(fig. 3, #114). 

15. Regarding claim 8, Leavitt discloses the system of claim 1 wherein 
ascertaining the validity of the data stored in the non-volatile storage device/flash 
memory, includes determining if an integrity metric/checksum, corresponding to 
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the current data in the non-volatile storage device/flash memory, is different than 
the same integrity metric/checksum corresponding to the earlier stored valid 
image of the data (fig. 3, #114). 

16. Regarding claim 10, Leavitt discloses a method comprising: 
reading current content stored in a non-volatile storage device/flash 

memory (fig. 1, #20); 

determining if the current content has been modified without authorization 
(fig. 3, #114); and 

replacing the current content with a previously stored valid image of the 
content if the current content is determined to have been modified without 
authorization (fig. 3, #116-118). 

1 7. Regarding claim 1 1 , Leavitt discloses the method of claim 1 0 further 
comprising: 

reading the valid image of the previously stored content (fig. 3, #1 12 & col. 
4, lines 56-61); and 

comparing the previously stored content to the current content to 
determine if the current content has been modified (fig. 3, #1 14). 

18. Regarding claim 12, Leavitt discloses the method of claim 10 wherein 
determining if the current content has been modified without authorization 
includes comparing a previously stored checksum, corresponding to the valid 
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image of the previously stored content, and the checksum corresponding to the 
current content (fig. 3, #1 14 & 142). 

19. Regarding claim 15, Leavitt discloses the method of claim 10 further 
comprising: storing a valid image of the current content for later use (fig. 3, 
#106). 

20. Regarding claim 16, Leavitt discloses the method of claim 10 wherein the • 
content is read from the non-volatile storage device/flash memory, as part of a 
start-up procedure (col. 3, lines 20-25). 

21. Regarding claim 17, Leavitt discloses a method comprising: 

arranging a non-volatile storage device/flash memory (fig. 1, #20) into one 
or more storage regions (fig 2, #20); 

generating an integrity metric/checksum, corresponding to valid content 
stored in a first region of the non-volatile storage device; and 

storing the integrity metric to later determine if the content in the first 
region has been modified without authorization (fig. 3, #1 12-114). 

22. Regarding claim 18, Leavitt discloses the method of claim 17 further 
comprising: comparing a previously stored integrity metric/checksum, 
corresponding to an earlier version of the content stored in the first region, to a 
newly calculated integrity metric/checksum, corresponding to the current content 
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stored in the first region to determine if an unauthorized modification has 
occurred (fig. 3, #142). 

23. Regarding claim 19, Leavitt discloses the method of claim 17 further 
comprising: replacing the first region with an earlier version of the content therein 
if it is determined that there was an unauthorized modification (fig. 3, #118). 

24. Regarding claim 20, Leavitt discloses a method comprising: 

arranging a non-volatile storage device/flash memory (fig. 1, #20), into one 
or more storage regions (fig. 2, #20); 

comparing current content in a first region to an earlier stored image of the 
content in the first region (fig. 3, #1 14); and 

replacing the current content stored in the first region with the previously 
stored content of the first region if it is determined that there was an unauthorized 
modification of the current content (fig. 3, #118). 

25. Regarding claim 21, Leavitt discloses the method of claim 20 wherein the 
method is implemented as part of a start-up procedure (fig. 3, #100). 

26. Regarding claim 22, Leavitt discloses the method of claim 20 wherein the 
non-volatile storage device/flash memory, is arranged into one or more logical 
regions, each region having one or more bytes (fig. 2, #20). 
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27. Regarding claim 26, Leavitt discloses a machine-readable medium having 
one or more instructions for protecting content in a non-volatile storage 
device/flash memory (fig. 1, #20), against unauthorized use, which when 
executed by a processor/CPU (fig. 1, #16), causes the processor to perform 
operations comprising: 

reading current content (fig. 3, #112) stored in a non-volatile storage 
device/flash memory; 

determining if the current content has been modified without authorization 
(fig. 3, #114); and 

replacing the current content with a previously stored image of the content 
if the current content is determined to have been modified without authorization 
(fig. 3, #118). 



28. Regarding claim 27, Leavitt discloses the machine-readable medium of 
claim 26 wherein determining if the current content has been modified without 
authorization includes reading an image of previously stored content; and 
comparing the previously stored content to the current content to determine if the 
current content has been modified (fig. 3, #1 12 & 142). 



29. Regarding claim 28, Leavitt discloses the machine-readable medium of 
claim 26 wherein determining if the current content has been modified without 
authorization includes comparing a previously stored checksum corresponding to 
a valid image of previously stored content and the checksum corresponding to 
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the current content (fig. 3, #1 12 &142). 
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Claim Rejections - 35 USC § 103 

30. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for 
all obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described 
as set forth in section 102 of this title, if the differences between the subject matter sought to 
be patented and the prior art are such that the subject matter as a whole would have been 
obvious at the time the invention was made to a person having ordinary skill in the art to which 
said subject matter pertains. Patentability shall not be negatived by the manner in which the 
invention was made. 

31. Claims 6 and 9 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Leavitt as applied to claims 1 and 5 above, and further in view of U.S. 
Patent No. 6,175,904 to Gunderson. 

32. Regarding claim 6, Leavitt discloses the system of claim 5 but lacks or 
does not expressly disclose wherein system authorization includes employing a 
system interface to perform modifications to the data stored in the non-volatile 
data storage device. However, Gunderson teaches wherein system 
authorization includes employing a system interface to perform modifications to 
the data stored in the non-volatile data storage device (fig. 4, #31). It would have 
been obvious to one of ordinary skill in the art at the time the invention was made 
to modify the device of Leavitt with the device of Gunderson in order to back up 
the data that has just been changed, as taught by Gunderson, (fig. 4, #31). 



Application/Control Number: 10/055,572 Page 
Art Unit: 2134 

33. Regarding claim 9, Leavitt discloses the system of claim 1 but lacks or 
does not expressly disclose generating a copy the current data in the non-volatile 
storage device if an authorized application modifies the current data; and storing 
the copy as a valid image of the current data. However, Gunderson teaches 
generating a copy the current data in the non-volatile storage device if an 
authorized application modifies the current data; and storing the copy as a valid 
image of the current data (fig. 4, #31-34). It would have been obvious to one of 
ordinary skill in the art at the time the invention was made to modify the device of 
Leavitt with the device of Gunderson in order to in order to back up the data that 
has just been changed, as taught by Gunderson, (fig. 4, #31). 

34. Claims 13-14 and 29-30 are is rejected under 35 U.S.C. 103(a) as being 
unpatentable over Leavitt as applied to claim 10 and 26 above, and further in 
view of U.S. Patent No. 6,584,559 to Huh et al., (Huh). 

35. Regarding claim 13, Leavitt discloses the method of claim 10 but lacks or 
does not expressly disclose wherein determining if the current content has been 
modified without authorization includes comparing a previously stored cyclic 
redundancy check value, corresponding to the valid image of the previously 
stored content, and the cyclic redundancy check value corresponding to the 
current content. However, Huh teaches wherein determining if the current 
content has been modified without authorization includes comparing a previously 
stored cyclic redundancy check value/integrity check, corresponding to the valid 
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image of the previously stored content, and the cyclic redundancy check 
value/integrity check, corresponding to the current content (col. 2, lines 41-45). It 
would have been obvious to one of ordinary skill in the art at the time the 
invention was made to modify the device of Leavitt with the device of Huh in 
order to validate the firmware, as taught by Huh, (col. 1 , lines 63-66). 

36. Regarding claim 14, Leavitt discloses the method of claim 10 but lacks or 
does not expressly discloses wherein determining if the current content has been 
modified without authorization includes comparing a previously stored bit mask, 
corresponding to the valid image of previously stored content, and the bit mask 
corresponding to the current content. However, Huh teaches wherein 
determining if the current content has been modified without authorization 
includes comparing a previously stored bit mask/validation technique, 
corresponding to the valid image of previously stored content, and the bit 
mask/validation technique, corresponding to the current content (col. 4, lines 11- 
1 3). It would have been obvious to one of ordinary skill in the art at the time the 
invention was made to modify the device of Leavitt with the device of Huh in 
order to validate the firmware as taught by Huh, (col. 1, lines 63-66). 

37. As per claims 29-30, this is a machine-readable medium version of the 
claimed method discussed above in claims 13-14 wherein all claimed limitations 
have also been addressed and/or cited as set forth above. 
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38. Claims 23 and 25 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Leavitt and further in view of U.S. Patent No. 5,892,906 to 
Chou et al., (Chou). 

39. Regarding claim 23, Leavitt discloses a method comprising: 

arranging a non-volatile storage device/flash memory (fig. 1, #20) into one 
or more storage regions (fig. 2, #20); 

verifying that the content in the non-volatile storage device is valid (fig. 3, 

#114). 

Leavitt lacks or does not expressly disclose encrypting the content in a 
first region by use of a first encryption key to protect it from unauthorized access. 
However, Chou teaches encrypting the content in a first region by use of a first 
encryption key to protect it from unauthorized access (fig. 3, #15). It would have 
been obvious to one of ordinary skill in the art at the time the invention was made 
to modify the device of Leavitt with the device of Chou in order to secure the 
BIOS, as taught* by Chou, (col. 3, lines 51-62). 

40. Regarding claim 25, Leavitt as modified by Chou above discloses the 
method of claim 23 further comprising: protecting the content of a second region 
with a second encryption key (Chou, col. 4, lines 20- 28). 



Application/Control Number: 10/055,572 
Art Unit: 2134 



Page 



Conclusion 



Any inquiry concerning this communication or earlier communications from 
the examiner should be directed to Aubrey H. Berger whose telephone number is 
(571)272-8155. The examiner can normally be reached on Monday - Thursday, 
7:30 a.m. - 5:00 p.m.. 

If attempts to reach the examiner by telephone are unsuccessful, the 
examiner's supervisor, Greg Morse can be reached on (571)272-3838. The fax 
phone number for the organization where this application or proceeding is 
assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from 
the Patent Application Information Retrieval (PAIR) system. Status information 
for published applications may be obtained from either Private PAIR or Public 
PAIR. Status information for unpublished applications is available through 
Private PAIR only. For more information about the PAIR system, see http://pair- 
direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll- 
free). 



AHB 





